Paper Info
Title
DTB-IDS: an intrusion detection system based on decision tree using behavior analysis for preventing APT attacks
Abstract
Abstract Due to rapid growth of communications and networks, a cyber-attack with malicious codes has been coming as a new paradigm in information security area since last few years. In particular, an advanced persistent threats (APT) attack is bringing out big social issues. The APT attack uses social engineering methods to target various systems for intrusions. It breaks down the security of the target system to leak information or to destroy the system by giving monetary damages on the target. APT attacks make relatively simple attacks such as spear phishing during initial intrusion but a back door is created by leaking the long-term information after initial intrusion, and it transmits the malicious code by analyzing the internal network. In this paper, we propose an intrusion detection system based on the decision tree using analysis of behavior information to detect APT attacks that intellectually change after intrusion into a system. Furthermore, it can detect the possibility on the initial intrusion and minimize the damage size by quickly responding to APT attacks.
Year
DOI
Venue
2017
10.1007/s11227-015-1604-8
The Journal of Supercomputing
Keywords
Field
DocType
Advanced persistent threats (APT),Behavior analysis,Decision tree,Intrusion detection
Decision tree,Intrusion,Phishing,Computer science,Computer security,Information security,Social engineering (security),Anomaly-based intrusion detection system,Intrusion prevention system,Intrusion detection system
Journal
Volume
Issue
ISSN
73
7
1573-0484
Citations 
PageRank 
References 
8
0.49
12
Authors
4
Name
Order
Citations
PageRank
Daesung Moon1102.57
Hyungjin Im2112.25
Ikkyun Kim3629.02
Jong Hyuk Park41661193.82